Agentic Actions Auditor
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where atta...
About this skill
Audits GitHub Actions workflows for security vulnerabilities in AI agent integrations including Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects attack vectors where attacker-controlled input reaches AI agents running in CI/CD pipelines, including env var intermediary patterns, direct expression injection, dangerous sandbox configurations, and wildcard user allowlists. Use when reviewing workflow files that invoke AI coding agents, auditing CI/CD pipeline security f
Related Skills
More from SecuritySemgrep
Run Semgrep static analysis scan on a codebase using parallel subagents. Supports two scan modes — "run all" (full ruleset coverage) and "important only" (high-confidence security vulnerabilities). Au...
FFUF Web Fuzzing
Fast web fuzzer for discovering hidden content, directories, files, and vulnerabilities during penetration testing
computer-forensics
Digital forensics analysis and investigation techniques
Download Agentic Actions Auditor
Agentic Actions Auditor is free and open source. Download it from the official source repository — clone it with git or use GitHub's Download ZIP option on the repo page — then copy the skill folder into your project's .claude/skills/ directory to install it.
If you are an AI agent
Query this directory over HTTP
This site is a searchable directory of harness components for AI coding agents. Fetch objective JSON — names, descriptions, stars, and source links. Installation and selection are yours to decide.
GET https://claudeskills.info/api/v1/search?q=ui%2Fux
GET https://claudeskills.info/api/v1/search?type=subagent&q=review
GET https://claudeskills.info/api/v1/meta
See https://claudeskills.info/llms.txt